Verify a PEM certificate against an issued server

Question

I have been given a certificate file by another team in my organization to connect to a machine they manage.

The file is of the type :

# file EBIP_CACert.crt
EBIP_CACert.crt: PEM certificate

# openssl verify EBIP_CACert.crt
EBIP_CACert.crt: C = SE, ST = Istanbul, L = Istanbul, O = Debon, OU = IT, TK = DebonCA
error 18 at 0 depth lookup:self signed certificate
OK

The way I am trying to verify my SSL connection is by issuing the below command :

# openssl s_client -connect esesslghq27.se:9000 -cert EBIP_CACert.crt
unable to load client certificate private key file
140537395898272:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:703:Expecting: ANY PRIVATE KEY

Looking at the ERROR ANY PRIVATE KEY , Ive tried the solution but was unable to get it to work.

What should I do to make this work and verify the certificate against the node ?

Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Super User](http://superuser.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. Also see [Where do I post questions about Dev Ops?](http://meta.stackexchange.com/q/134306) — jww, May 09 '17 at 16:49

score 1 · Answer 1 · answered May 09 '17 at 15:57

1

Not sure what you are trying to accomplish, exactly.

If this is a CA cert (as the filename would imply), you'll need to TRUST them, i.e. -CAfile <file>. The -cert option is for a client certificate, for which you'll need the private key.

https://wiki.openssl.org/index.php/Manual:S_client(1)

answered May 09 '17 at 15:57

Tiax

36
3

Thanks, this solved my problem caused by a lack of understanding :) – mmumboss Aug 30 '20 at 09:28

Verify a PEM certificate against an issued server

1 Answers1